APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 



AP33088-070457.0985 



BAKER BOTTS L.L.P. I 

30 ROCKEFELLER PLAZA winter, john m 
NEW YORK, NY 1 0 1 1 2-0228 I 



PAPER NUMBER 



MAIL DATE | DELIVERY MODE 

05/04/2010 PAPER 



Please find below and/or attached an Office communication concerning this application or proceeding. 

The time period for reply, if any, is set in the attached communication. 



PTOL-90A (Rev. 04/07) 



l/ffflrC? nVrliUli Otfff Iff ids y 


Application No. 

09/809,367 


Applicant(s) 

HOGAN ET AL. 


Examiner 

JOHN M. WINTER 


Art Unit 

3685 





- The MAILING DATE of this communication appears on the cover sheet with the correspondence address — 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )^ Responsive to communication(s) filed on 24 August 2009 . 
2a )□ This action is FINAL. 2b)^| This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-10 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) ^3 Claim(s) 1-10 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) Q Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) O The drawing(s) filed on is/are: a)0 accepted or b)0 objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 
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a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

20 Certified copies of the priority documents have been received in Application No. . 

30 Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

Acknowledgements 

1 . The Applicants amendment filed on September 3, 2009 is hereby acknowledged, 

Claims 1-10 remain pending. A request for continued examination under 37 CFR 1.1 14, 
including the fee set forth in 37 CFR 1.17(e), was filed in this application after final 
rejection. Since this application is eligible for continued examination under 37 CFR 
1.1 14, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the 
previous Office action has been withdrawn pursuant to 37 CFR 1.1 14. Applicant's 
submission filed on August 24,2009 has been entered. 



Response to Arguments 

2. Applicant's arguments with respect to claims 1-10 have been considered but are 

moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC §101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 
requirements of this title. 

Claims 1-10 are rejected under 35 U.S.C. §101 because the claimed invention is directed 
to non- statutory subject matter. 

Based on Supreme Court precedent (See also Diamond v. Diehr, 450 U.S. 175, 184 
(1981); Parker v. Flook, 437 U.S. 584, 588 n.9 (1978); Gottschalk v. Benson, 409 U.S. 
63, 70 (1972); Cochrane v. Deener, 94 U.S. 780, 787-88 (1876)) and recent Federal 
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Circuit decisions, a §101 process must (1) be tied to another statutory class (such as a 
particular apparatus) or (2) transform underlying subject matter (such as an article or 
materials) to a different state or thing. In addition, the tie to a particular apparatus, for 
example, cannot be mere extra-solution activity. See In re Bilski, 88 USPQ2d 1385 (Fed. 
Cir. 2008). 

An example of a method claim that would not qualify as a statutory process would be a 
claim that recited purely mental steps. 

To meet prong (1), the method step should positively recite the other statutory class (the 
thing or product) to which it is tied. This may be accomplished by having the claim 
positively recite the machine that accomplishes the method steps. Alternatively or to 
meet prong (2), the method step should positively recite identifying the material that is 
being changed to a different state or positively recite the subject matter that is being 
transformed. 

In this particular case, claim 1 fails prong (1) because the "tie" (e.g. providing to a 
computer) is representative of extra-solution activity . Additionally, the claim(s) fail 
prong (2) because the method steps do not transform the underlying subject matter to a 
different state or thing. 

Claims 2-10 are either dependant upon claim 1 or contain similar limitations and are 
rejected for at least the same reasons. 



Claim Rejections - 35 USC §103 
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3. The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject 
matter sought to be patented and the prior art are such that the subject matter as a whole 
would have been obvious at the time the invention was made to a person having ordinary 
skill in the art to which said subject matter pertains. Patentability shall not be negatived 
by the manner in which the invention was made. 

4. Claims 1-10 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Walker et al, U.S. Patent No. 6,163,771 in view of Flitcroft et al, U.S. Patent No. 
6,636,833. and further in view of Fleming (US Patent 5,953,710). 



As per claims 1-7 ,9 and 10, 
Walker et al. teach a method for conducting a secure transaction by providing users with 
a list of proxy credit card numbers (column 11, lines 20-25) comprising: 
assigning to a purchaser a first payment account number having a status that changes over 
time using an assigning computer, providing a second payment account number and 
having an encryption key assigned thereto (figures 7 and 13; column 7, lines 20-26) 
providing a second payment account number associated with said first payment account 
number to a purchaser computer using an issuer computer, said second payment account 
number being reusable by the purchaser for any purchase in which said first payment 
account number could be used for, (figures 3B, 9A, and 10-1 IB; column 7, lines 20-26) 
and not being a transaction number and having an encryption key assigned thereto 
(figures 6 and 7; column 6, lines 30-53; column/line 7/27-8/36) 
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requesting authorization for payment of said transaction with said second payment 
account number and not said first payment account number using a merchant computer; 
(figures 3B, 9A, and 10-1 IB; column 7, lines 20-26) 

identifying said purchaser's first payment account number in response to said 
authorization request using an acquirer computer or an issuer computer processor 
programmed to discriminate between said second payment account number and said first 
payment account number with at least one translation key that can be used to translate 
between the second payment account number and first payment account number; (figures 
6 and 7; column 6, lines 30-53; column/line 7/27-8/36) and using said an acquirer 
computer or an issuer computer programmed to discriminate between said second 
payment account number and said first payment account number, responding to said 
authorization request based upon said status of said first payment account number at the 
time of the transaction, (figure 3B; column 6, lines 15-28; column 9, lines 30-36) 
Walker et al. do not explicitly recite wherein providing said second payment account 
number comprises :(i) sending identification information from a purchaser computer to an 
issuer computer ; (ii) verifying said identification information using an issuer computer, 
(iii) after verifying said identification information, using an issuer computer to provide 
secure payment software comprising said second payment number to a purchaser 
computer; (c) sending data from a purchaser computer using said secure payment 
software to a merchant computer comprising: at least one of said second payment account 
number and a digital certificate that includes said second payment account number, the 
cardholder's card expiration date, the merchant identification number, and at least one of 



Application/Control Number: 09/809,367 Page 6 

Art Unit: 3685 

a generated message authentication code (MAC) and a digital signature generated by the 
secure payment application. Fleming ('467) discloses wherein providing said second 
payment account number comprises: sending identification information from a purchaser 
computer to an issuer computer;(Column 7, line 65 - column 8, line 7) verifying said 
identification information using an issuer computer, after verifying said identification 
information, using an issuer computer to provide secure payment software comprising 
said second payment number to a purchaser computer; (Column 8, lines 17-40) sending 
data from a purchaser computer using said secure payment software to a merchant 
computer comprising: at least one of said second payment account number and a digital 
certificate that includes said second payment account number, the cardholder's card 
expiration date, the merchant identification number, and at least one of a generated 
message authentication code (MAC) and a digital signature generated by the secure 
payment application.(Figure 7, Column 9, lines 23-47). Therefore, it would have been 
obvious to one of ordinary skill to combine the teachings of Walker et al. ('771, figure 
13) and Flitcroft et al. with Fleming ('467) in order to create a more flexible system by 
allowing users to use proxy card numbers for multiple transactions and obtain additional 
lists of numbers. 

Walker et al. do not specifically recite verifying that merchant data is correct. However, it 
would have been at least obvious to one of ordinary skill for a user or merchant to verify 
the amount to ensure that the user is being billed properly, and for the user, merchant or 
credit card issuer to verify the correctness of the merchant ID in order to prevent 
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transaction cancellation based on an incorrect merchant ID. Regarding DES and DESX, 
Walker et al. implement their system using cryptographic algorithms (column 2, lines 30- 
34; column 7,lines 3-8). Hence, it would have been obvious to one of ordinary skill to 
encrypt the pseudo account number using RSA, DES or its variants such as DSA or 
Walker et al. do not explicitly recite re-usable pseudo account numbers. Filcroft et al. 
teach a credit card system for providing users with limited-use card numbers (e.g. single 
use, reusable) (abstract; column 6, lines 52-64). Specifically, teach a system for creating 
an encrypted list proxy or second card number from a first (e.g. via mapping, no 
discernable link for obtaining the first number from the proxy, additional card numbers 
cannot be predicted from those proxy numbers previously issued) (column 10, lines 8-11; 
column 11, lines 10-14; column/line 12/10-13/15; column/line 19/65-22/57). Therefore, it 
would have been obvious to one of ordinary skill to combine the teachings of Walker et 
al. ('771, figure 13) and Flitcroft et al. in order to create a more flexible system by 
allowing users to use proxy card numbers for multiple transactions ('833; column 6, lines 
52-64) and obtain additional lists of numbers ('771, figure 13, column 11, lines 20-25; 
'8.33, column 18, lines 25-44; column 19, lines 10-15) 



5. Claim 8 is rejected under 35 U.S. C. 103(a) as being unpatentable over Walker et 

al, U.S. Patent No. 6,163,771 and Flitcroft et al, U.S. Patent No. 6,636,833 as applied to 
4, and in further view of Lee et al, U.S. Patent No. 6,018,717. 

As per claim 8, Walker et al. teach a message authentication code that comprises a 
digital signature generated by a secure payment application (column 8, lines 9-36). 
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However, Walker et al. do not specifically recite public key certificates. Lee et al. teach a 
method for performing secure transactions using card unique certificates that are 
associated with a public key of a private/public key pair (column/line 11/15-12/18). 
Therefore, it would have been obvious to one of ordinary skill to combine the teachings 
of Walker et al. and Lee et al. in order to uniquely associate a transaction message with a 
user ('717, column/line 10/38-1 1/13) and to, in the event the private key ('771, abstract) 
is obtained by a malicious user, to provide protection against fraud by using different 
keys to encrypt and decrypt a transaction message ('717, column/line 10/38-11/13). 

Double Patenting 

The nonstatutory double patenting rejection is based on a judicially created doctrine 
grounded in public policy (a policy reflected in the statute) so as to prevent the 
unjustified or improper timewise extension of the "right to exclude" granted by a patent 
and to prevent possible harassment by multiple assignees. A nonstatutory obviousness- 
type double patenting rejection is appropriate where the conflicting claims are not 
identical, but at least one examined application claim is not patentably distinct from the 
reference claim(s) because the examined application claim is either anticipated by, or 
would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 
1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 
2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re 
Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, All F.2d 438, 164 
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USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 
1969). 

A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may 
be used to overcome an actual or provisional rejection based on a nonstatutory double 
patenting ground provided the conflicting application or patent either is shown to be 
commonly owned with this application, or claims an invention made as a result of 
activities undertaken within the scope of a joint research agreement. 
Effective January 1, 1994, a registered attorney or agent of record may sign a terminal 
disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 
3.73(b). 

Claims 1-10 are rejected on the ground of nonstatutory obviousness-type double 
patenting as being unpatentable over claims 1-6 of U.S. Patent No. 7.177.848. Although 
the conflicting claims are not identical, they are not patentably distinct from each other 
because the same process is substantially disclosed. 



Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to JOFfN M. WINTER whose telephone number is 
(571)272-6713. The examiner can normally be reached on M-F 8:30-6, 1st Fridays off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Calvin Hewitt can be reached on (571) 272-6709. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO 
Customer Service Representative or access to the automated information system, call 
800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



JMW 



/Calvin L Hewitt II/ 

Supervisory Patent Examiner, Art Unit 3685 



